One of the top concerns for IT operations today is ensuring the proper security measures are in place for storage systems. At Dell EMC, we take these requirements seriously, and have invested in industry certifications, dedicated security engineering resources and labs to address security compliance across a variety of government and private sector entities. We know your business depends on protecting your data, and it’s important for our customers to know that their investments in Dell EMC storage systems can help them address their own security requirements. Research firm Enterprise Strategy Group (ESG) validates the importance of cybersecurity, as shown in the following technology spending report:
Source: ESG Research Report, 2018 IT Spending Intentions Survey, Dec 2018We are proud to announce our security achievements to date for the Dell EMC Unity midrange storage platform, including the completion of the Authorized Products List (APL) listing from DISA (Defense Information Systems Agency). Dell EMC Unity is one of just a handful of midrange storage systems that has been engineered to meet 10 major security compliance requirements, thereby helping to secure sensitive data.
Many of these security compliance objectives are driven by the United States Federal Government and these strict security requirements apply to a variety of public sector environments.
Other industries, including but not limited to, banking and retail directly benefit from these security capabilities designed to meet the highly secure Payment Card Industry (PCI) requirements for securing financial transactions. These security features can offer added peace of mind when deploying the full Dell EMC Unity portfolio. In addition, all of our security features are provided at no charge and with no additional costs or licenses. The following is a list of Dell EMC Unity security capabilities available in the product family today, some of which have achieved specific industry or government security compliance certification for data storage systems.
Dell EMC Unity Security Compliance Features
- United States of America DoD Approved Products List (APL) Certification – This is a major certification milestone for the Dell EMC Unity storage platform that demonstrates the portfolio’s compliance with the DoD interoperability and Cybersecurity requirements.
- STIG Compliance CAT 1, CAT2 – The Security Technical Implementation Guide (STIG) standardizes security protocols within networks, servers, computers and logical designs to enhance overall security.
- Controller-based Data at-Rest Encryption or D@RE – D@RE Protects against unauthorized access to user data on lost or stolen drives or systems. This is a required capability for meeting multiple industry and government security compliance objectives.
- FIPS 140-2 Level 1 Certification – Specifies security requirements for the D@RE cryptographic module.
- KMIP – OASIS Key Management Interoperability Protocol (KMIP) – Dell EMC Unity supports KMIP Specification v1.3 and v1.4 compliant external key managers designed to facilitate data encryption by simplifying encryption key management.
- HIPAA – The HIPAA Privacy Rule establishes national standards to protect individuals’ medical records and other personal health information and applies to health plans, health care clearinghouses, and those health care providers that conduct certain health care transactions electronically. Dell EMC Unity includes the necessary security features that can help organizations meet HIPAA privacy requirements for data storage systems.
- Common Criteria Certification Developed for evaluating information security products, specifically to ensure they meet an agreed-upon security standard for government deployments.
- Native SHA-2 certificate support – This 256 bit cryptographic hashing standard is used to ensure that data has not been modified.
- TLS 1.2 support and TLS 1.0 disablement – Cipher suites that provide enhanced security and ability to disable prior generation.
- USGv6 Device IPv6/IPv4 dual stack certification – Dual stack technology allows ISPs to process IPv4 and IPv6 data traffic simultaneously.
Customer Spotlight – Defense Health Agency
Meeting the needs of government and federal customers that require compliance to regulations is very important to Dell EMC. One of our federal customers includes the Defense Health Agency (DHA) which provides the Department of Defense and Department of Veterans Affairs health care providers global visibility and access to artifacts and images generated during the health care delivery process.
When a vendor changes or upgrades their hardware or software, DHA undergoes intense security vulnerability hardening, systems testing, scanning, and remediation to determine its IA (Information Assurance) compliance with the Department of Defense (DoD) Risk Management Framework (RMF) security controls and security requirements. Currently, DHA is pursuing STIG (Security Technical Implementation Guide) compliance for the new Dell EMC hardware it purchased as part of an overall refresh of its enterprise-wide storage footprint.
“With some vendors, the deployment, installation, and hardening of a SAN can be a complex project,” said Brian Reese, DHA Project Lead, SPAWAR Systems Center Atlantic. “We value our partnership with Dell EMC as we deploy the Dell EMC hardware together. Dell EMC has been critical in supporting the IA compliancy efforts required to get the systems and hardware ready. With the Common Criteria Certification, user-enabled STIG mode now available on the Dell EMC Unity series and many other product improvements that are ideal for federal customers, the deployment process is much shorter and easier.”
Quite simply, Dell EMC has done the hard work for our customers to help them better protect their most critical data assets that reside on Dell EMC Unity storage systems. This work helps facilitate compliance with strict IA requirements while ensuring data and the applications that depend on that data can operate seamlessly with world-class security in place.
For additional security details in Dell EMC Unity, please visit the following links: